I recently enabled FileVault on OSX Lion. All seems to have gone well - it asks for my password before booting as expected, however it asks for it twice. Basically, it asks for my password, boots for a 30 seconds, restarts, asks for my password again - and then everything boots OK.

3 Answers
3

FileVault will ask for the disk encryption password to unlock the disk before booting the OS - once the disk is unlocked, it proceeds with booting as normal, at which point it will ask for your login password. Only certain users are allowed to unlock the disk. So, when you first turn it on, it'll ask you to authenticate to unlock the disk, then it'll ask you to authenticate to login. This sounds like what you're experiencing, and it is normal.

EDIT: Check the answer below, this is in error. Are you unlocking the drive with the same account you're logging in to?

Upon selecting "Turn On FileVault", if your Mac has multiple user accounts, you will be asked to identify the user accounts that will be allowed to unlock the encrypted drive (to start the computer or recover from sleep or hibernation).

Users not enabled for FileVault unlock will only be able to log in to that Mac after an unlock-enabled user has started or unlocked the drive. Once unlocked, the drive remains unlocked and available to all users, until the computer sleeps, hibernates, or is shut down.

Bleh. How annoying. I never in a million years thought I would say "I miss BitLocker".
–
vcsjonesSep 5 '11 at 4:32

This is not correct; authentication is normally passed from the preboot authentication screen to the normal login, so logging into an authorized account only requires entering the password once. If you want to log into a non-authorized account you have to first boot with/log into an authorized account, log out of that, then log into the non-authorized from the normal login screen.
–
Gordon DavissonSep 5 '11 at 6:13

From the linked KB article: "The user account that unlocked the drive will be logged into their own account after start up completes, without needing to log in again."
–
Gordon DavissonSep 5 '11 at 6:29

Per the comments, I decided to re-install Lion to see if the problem would go away. It did. Once I started setting everything up, the issue popped back up again. After doing trial-and-error, I've concluded that the problem is related to Parallels Desktop 7. Uninstalling the product removes the symptoms, and re-installing brings them back. I've opened a support ticket with Parallels to see if they are aware of the issue.

Once I narrowed it down the Parallels, I did some digging on their forums and it turns out many other people are having the same issue.

I don't know enough about how login info is passed from the preboot authentication/unlock system to the OS login to know what might've broken, but here are some generic test/info gathering steps:

Check the log files in the Console utility, and see if they indicate any problems during the boot process. Click Show Log List in the toolbar to get shortcuts to the standard log locations. The most relevant logs are probably All Messages, system.log, and /var/log > secure.log.

Try changing your password, and see if that resynchronizes something.

Try creating another account and see if it works better (it should automatically be set up for FileVault).

Finally, the brute force option: try turning FV off & back on. Note that while FV handles being turned on & immediately back off well, turning it off & back on is a little flakier. I recommend turning it off, waiting for the disk to finish decryption, then rebooting, and only then turning it back on again.